US20190295095A1 - Financial payment method and payment system using mobile device - Google Patents
Financial payment method and payment system using mobile device Download PDFInfo
- Publication number
- US20190295095A1 US20190295095A1 US16/349,503 US201716349503A US2019295095A1 US 20190295095 A1 US20190295095 A1 US 20190295095A1 US 201716349503 A US201716349503 A US 201716349503A US 2019295095 A1 US2019295095 A1 US 2019295095A1
- Authority
- US
- United States
- Prior art keywords
- mobile device
- payment
- biometric information
- information
- purchaser
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
- G06Q20/223—Payment schemes or models based on the use of peer-to-peer networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
- G06Q20/40145—Biometric identity checks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
- G06Q20/3227—Aspects of commerce using mobile devices [M-devices] using secure elements embedded in M-devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/325—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3823—Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V40/00—Recognition of biometric, human-related or animal-related patterns in image or video data
- G06V40/10—Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
- G06V40/12—Fingerprints or palmprints
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1025—Identification of user by a PIN code
- G07F7/1033—Details of the PIN pad
- G07F7/1041—PIN input keyboard gets new key allocation at each use
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Definitions
- the present invention relates to a financial payment method and payment system using a mobile device, and more particularly, to a method and system for making a payment by mutually verifying biometric information and financial information in two mobile devices.
- a payment system based on fingerprint recognition was first introduced to private businesses in the U.S. in 2007.
- the payment system has limitations in protecting personal information in that biometric information of individuals are stored in a specific device of a third party or accessible through a network exposed to the risk of hacking, which is why the payment system is not widely used now.
- the fingerprint recognition-based payment system imposes a cost constraint on offline affiliate members because every offline affiliate member should be provided with an expensive fingerprint sensor for fingerprint recognition.
- businesses using the fingerprint recognition-based payment system actually declared bankruptcy because of financial deficit caused by the purchase of a 2 to 3 million-dollar payment POS device.
- the Japanese government has attempted to adopt other fingerprint recognition-based payment systems. If a visitor to Japan puts two fingers on a fingerprint reader and inputs credit card information in an airport, the visitor may pay simply through fingerprint recognition in fingerprint recognition-enabled stores or hotels. For this purpose, the Japanese government announced that fingerprint recognition-based payment infrastructure would be deployed all over the nation by 2020 when the Olympics would be held in Tokyo. Although the attempt to deploy the fingerprint recognition-based payment infrastructure at the government level is highly likely to lead to wide use of the fingerprint recognition-based system, the fingerprint recognition-based system also has the same limitations as that in the U.S. due to the cost and insufficient protection of personal information.
- Patent document 1 Korean Patent Publication No. 10-0997820 (Dec. 1, 2010).
- a financial payment may be made without a physical card by means of a mobile device irrespective of time and place. Further, without the need for deploying additional infrastructure, a financial payment may be made using mobile devices which have been proliferated and are carried by a multitude of users.
- Personal information of an individual such as a resident registration number, a fingerprint, and the like, and financial information of the individual such as a card number, a card password, and the like are stored in a mobile device carried by the individual.
- financial information of the individual such as a card number, a card password, and the like are stored in a mobile device carried by the individual.
- the individual makes a financial payment
- the personal information and financial information are verified in the mobile device. Therefore, the individual may make a safe financial payment without exposure of the personal information and the financial information.
- the present invention provides a method of authenticating a financial payment at a first mobile device of a seller.
- the method comprises: sensing, by a sensor provided in the first mobile device, one or more pieces of biometric information of a purchaser; transmitting, by the first mobile device, the sensed biometric information to a second mobile device that is identified by the purchaser in a predetermined method; receiving, by the first mobile device, information from the second mobile device, wherein the information indicates whether the biometric information that is transmitted by the first mobile device matches biometric information of the purchaser that is pre-stored in the second mobile device; and authenticating, by the first mobile device, a content of the financial payment, when the biometric information that is transmitted by the first mobile device matches the biometric information that is pre-stored in the second mobile device.
- the biometric information may include one or more of fingerprint information, iris information, vein information, electrocardiogram information, and voice information.
- the authentication of the content of the financial payment may further comprise processing the payment in a payment method that is preset in the second mobile device.
- the preset payment method may comprise using a substitute key that corresponds to a password of a first payment means selected by the purchaser from among one or more payment means.
- the substitute key may be preset by the purchaser to correspond to a predetermined input key of each digit of the password, from among a set of input keys displayed on the first mobile device.
- the first payment means may be selected adaptively based on the payment content, from among preset one or more payment methods.
- the transmission of the sensed biometric information may comprise encrypting the sensed biometric information in a predetermined encryption method and transmitting the encrypted biometric information or converting the sensed biometric information to a file in a predetermined format and transmitting the file.
- the predetermined encryption method may be RC4, OTPad, DES, TDES, AES, IDEA, Dffie-Hellman, DSA, Elgamal, RSA, ECC, SHA, MD5, HAVAL, HMAC, or CBC-MAC.
- the file in the predetermined format may be an image file, a video file, or a voice file.
- the format of the file may be determined adaptively based on the sensed biometric information.
- a method of performing a financial payment at a second mobile device identified by a purchaser comprises: receiving, by the second mobile device, biometric information of the purchaser from a first mobile device of a seller; verifying, by the second mobile device, whether the biometric information that is received from the first mobile device matches biometric information of the purchaser that is pre-stored in the second mobile device; receiving, by the second mobile device, authenticated payment content from the first mobile device, when the biometric information that is received from the first mobile device matches the biometric information of the purchaser that is pre-stored in the second mobile device; and performing, by the second mobile device, a payment in a payment method that is predetermined with regard to the payment content.
- the method may further comprise receiving one or more pieces of biometric information and one or more payment methods from the purchaser.
- the performing the payment may comprise using a substitute key that corresponds to a password of a first payment means selected by the purchaser.
- the substitute key may correspond to each digit of the password that is to be input by a user from a combination of input keys displayed on the first mobile device.
- the first payment means may be set to be a discount for a payment amount, point accumulation, or a statement balance in an order determined by a preset priority.
- the priority may be reflected adaptively in the payment content.
- a computing device including at least one processor, implemented at least temporarily by the at least one processor.
- the computing device comprises: a sensor unit configured to sense one or more pieces of biometric information of a purchaser; a communication unit configured to transmit the sensed biometric information to a second mobile device that is identified by the purchaser in a predetermined method, and to receive information from the second mobile device in response to the transmission, wherein the information indicates whether the biometric information that is transmitted by the communication unit matches biometric information of the purchaser that is pre-stored in the second mobile device; and a computation unit configured to authenticate payment content, when the biometric information that is transmitted by the communication unit matches the biometric information that is pre-stored in the second mobile device.
- a program stored in a computer-readable recording medium for causing a computing device to perform a financial payment based on biometric information and financial information of a purchaser.
- the program comprises: an instruction set for receiving, at a first mobile device of a seller, biometric information of the purchaser; an instruction set for verifying whether the biometric information that is received from the first mobile device matches biometric information of the purchaser that is pre-stored in the computing device; and an instruction set for, when the received biometric information matches the pre-stored biometric information, receiving authenticated payment content from the first mobile device, and performing the payment using a substitute key that is received from the purchaser and corresponds to a password of a first payment means that is selected by the purchaser for each of one or more payment methods.
- biometric information of an individual which has strict personal information protection requirements
- a financial payment may proceed in any of various user-selected payment methods, and due to use of a substitute key that corresponds to a password of a financial payment means, exposure of the password of a user to a mobile device of an affiliate member may be prevented.
- FIG. 1 is a block diagram of a system for processing a financial payment by verifying biometric information, using two mobile devices according to an embodiment.
- FIG. 2 is a flowchart illustrating a method of processing a financial payment by verifying biometric information of a consumer according to an embodiment.
- FIG. 3 is a flowchart illustrating a method of processing a financial payment by verifying payment information of an affiliate member according to an embodiment.
- FIG. 4 is a sequence diagram illustrating interactions among a user mobile device, an affiliate member mobile device, and a card company server according to an embodiment.
- FIGS. 5A and 5B illustrate exemplary keypads for inputting a substitute key, displayed on a mobile device according to an embodiment.
- FIG. 6 illustrates an exemplary keypad on which the keys of the keypad illustrated in FIG. 5A are rearranged each time one digit of a substitute key is input according to an embodiment.
- FIG. 1 is a block diagram of a system for processing a financial payment by verifying biometric information, using two mobile devices according to an embodiment.
- a financial payment may be made between a user (a purchaser, a consumer, or an individual) and an affiliate member (a seller, a supplier, or a business provider) through interaction between a mobile device 100 of the affiliate member (seller) and a mobile device 200 of the user (purchaser), such as verifying biometric information and financial information between the mobile devices 100 and 200 .
- the mobile device 100 of the affiliate member includes a sensor unit 110 for sensing biometric information such as a fingerprint, an iris, and the like from a user 300 , a communication unit 130 for transmitting and receiving data to and from another device through a wired or wireless network, a computation unit 120 for generating payment content, requesting payment, and approving payment, and a database (DB) 140 .
- a sensor unit 110 for sensing biometric information such as a fingerprint, an iris, and the like from a user 300
- a communication unit 130 for transmitting and receiving data to and from another device through a wired or wireless network
- a computation unit 120 for generating payment content, requesting payment, and approving payment
- DB database
- the mobile device 200 of the user includes a sensor unit 230 for sensing biometric information such as a fingerprint, an iris, and the like from the user 300 , a communication unit 210 for transmitting and receiving data to and from another device through a wired or wireless network, a computation unit 220 for verifying data match, performing encryption or decryption for the verification of the data match, or pre-registering personal information, biometric information, financial information, and the like, and a DB 240 for storing data that require personal information security, such as personal information, biometric information, financial information, and the like.
- biometric information of the user 300 is sensed by the mobile device 100 of the affiliate member, the sensed biometric information is authenticated by the mobile device 200 of the user 300 , and the financial payment is made in a preset user payment method, for example, with a pre-registered credit card.
- a substitute key can be inputted on the mobile device 100 of the affiliate member, the inputted substitute key can be authenticated by the mobile device 200 of the user 300 , and a request for payment by the credit card can be made on the mobile device 200 , thereby processing the payment by a server (not shown) of a company managing the credit card.
- the financial payment method since all of personal information, biometric information, and financial information of the user 300 that need to be securely protected are authenticated directly by the mobile device 200 of the user 300 , a high level of information protection can be achieved.
- the user 300 may make a financial payment directly through the mobile device 100 of the affiliate member by using the user's biometric information and the information (the personal information, the biometric information, the financial information, and the like) set in the mobile device 200 , without having to use a physical card.
- FIG. 2 is a flowchart illustrating a method of processing a financial payment by verifying biometric information of a consumer according to an embodiment.
- a financial payment is processed by verifying biometric information of a consumer in a mobile device of an affiliate member, the following steps may be performed.
- one or more pieces of biometric information of a user are sensed.
- the user refers to an individual (i.e., a consumer) who is to pay.
- the biometric information may be a fingerprint, an iris, a vein at a specific position, an electrocardiogram, or voice.
- the fingerprint may be a fingerprint of a specific finger set by the user (e.g., a fingerprint of the left ring finger).
- the user may preset the left pupil, the right pupil, or both pupils, and use the preset pupil(s) as an object to be sensed.
- the vein at a specific position the user may preset a position such as information on a vein on the right palm or the left wrist.
- biometric information is not only information sensed from a part of the user's body but also any type of information selected and set by a user, thereby ensuring a high level of security for financial transactions.
- biometric information is not only information sensed from a part of the user's body but also any type of information selected and set by a user, thereby ensuring a high level of security for financial transactions.
- biometric information is not only information sensed from a part of the user's body but also any type of information selected and set by a user, thereby ensuring a high level of security for financial transactions.
- biometric information is not only information sensed from a part of the user's body but also any type of information selected and set by a user, thereby ensuring a high level of security for financial transactions.
- biometric information is not only information sensed from a part of the user's body but also any type of information selected and set by a user, thereby ensuring a high level of security for financial transactions.
- biometric information is not only information sensed
- a user A may pre-register the fingerprint of his/her left ring finger in his/her mobile device (referred to as a ‘second mobile device’) and allow a mobile device of an affiliate member (referred to as a ‘first mobile device’) to recognize the fingerprint of the left ring finger, thereby enabling the fingerprint information of the user A to be sensed as biometric information.
- a mobile device of an affiliate member referred to as a ‘first mobile device’
- the mobile device of the affiliate member transmits the sensed biometric information to the mobile device of the user in a predetermined method.
- the mobile device of the user to receive the sensed biometric information may be identified by an input of the user.
- the user allows the user's biometric information to be sensed and inputs the user's mobile device number, thereby presenting a means to authenticate information of the user to the affiliation member.
- biometric information may have various types, it may be transmitted in different file formats depending on the types of biometric information. Further, in view of the nature of biometric information, the biometric information may be encrypted for security in various manners or converted to a preset file format for transmission, instead of a file format inherent to the biometric information.
- fingerprint information may be generated as an image file, encrypted in an SHA scheme, and then transmitted.
- the image file may be converted to one type selected from among various extensions.
- fingerprint information may be generated as a video file.
- the encryption method may be appropriately selected and performed by an operator.
- RC4 OTPad, DES, TDES, AES, IDEA, and the like are available as a symmetrical key scheme
- Diffie-Hellman, DSA, Elgamal, RSA, ECC, and the like are available as an asymmetrical key scheme.
- SHA For uni-directional encryption that ensures integrity, SHA, MD5, HAVAL, HMAC, CBC-MAC, and the like are available.
- any of the encryption methods may be selected and used. Particularly, a certain encryption method that is best for a particular type of biometric information can be selected, thereby primarily preventing the transmitted biometric information from being exposed. Further, in various embodiments, even though the transmitted biometric information is exposed to an unauthorized third party over a network, the third party would not be able to obtain personal information on the individual because the transmitted biometric information does not have that personal information. That is, even though the user exposes his or her biometric information to the mobile device of the affiliate member, the user's personal information is not exposed.
- step 203 information indicating whether the transmitted biometric information matches the biometric information of the user stored in the mobile device of the user is received from the mobile device of the user.
- the transmitted biometric information is data sensed by the mobile device of the affiliate member, and the biometric information stored in the mobile device of the user is data pre-stored by the user. If the two data match, a financial transaction may be carried out using personal information and financial information pre-stored along with the biometric information in the mobile device of the user as an entity for the financial transaction.
- the mobile device of the affiliate member may transmit the sensed information to the mobile device of the user A to verify whether the sensed biometric information matches the pre-stored biometric information of the user A. If the sensed biometric information matches the pre-stored biometric information of the user A (step 204 ), the mobile device of the user A may transmit a match result to the mobile device of the affiliate member.
- the biometric information is authenticated to allow a financial payment to be made using personal information and financial information (e.g., credit card information or the like) of the user A pre-stored in the mobile device of the user A.
- the financial payment is terminated without a further progress.
- the financial payment may not be made using the personal information and financial information of the user A stored in the mobile device of the user A.
- step 205 payment content is authenticated.
- the payment content refers to details of the payment that are generated for the authenticated user. For example, if a user A, who wants to pay his or her a lunch order for KRW 8,000 at a restaurant (affiliate member), puts his or her fingerprint on a mobile device of the restaurant and inputs his or her mobile device number, payment content is generated to allow the user A to pay KRW 8,000 for the lunch by using credit card information pre-stored in the mobile device of the user A.
- the payment content is processed in a payment method preset in the user's mobile device.
- the user may preset one or more payment means in the user's mobile device, for financial transactions, and make a payment by a selected one of the payment means.
- the user may set a basic payment means, or each time a financial transaction is carried out, the user may view a payment means list, select a payment means, and set the selected payment means.
- financial payment methods may be displayed and selected under various conditions to maximize user convenience.
- various payment methods may be performed.
- the payment methods may include general payment by card, real-time account transfer, non-real-time account transfer, payment by mobile phone, payment by pre-paid on-line certificate, payment by rechargeable certificate, payment by points, and the like.
- a plurality of types of payment may be preset to provide an appropriate payment method according to a mobile device of an affiliate and a mobile device of a user.
- the predetermined payment method may perform authentication using a substitute key for a specific payment means selected from among one or more payment means by the user.
- a substitute key corresponds to a unique password of the specific payment means, which is preset by the user and stored in the mobile device of the user.
- the substitute key is preset in correspondence with the respective digits of the user's password among a combination of input keys displayed on the mobile device of the affiliate member.
- a user A may store all information (a card number, an expiration date, and the like) required to pay by a credit card as a payment means in the mobile device of the user A.
- the password of the credit card is 1234, the password has been preset between the user A and a credit card company to allow the user A to use the credit card.
- the user A may set a key substituting for each digit of the card password on his or her own.
- a substitute key for the numeral 1 in the first digit may be a special character ‘?,’
- a substitute key for the numeral 2 in the second digit may be a special character ‘@,’
- a substitute key for the numeral 3 in the third digit may be an English letter ‘f’ (lower case). Numbers, English alphabets, special characters, and Korean vowels or consonants, which are available as substitute keys are exposed on a general keyboard.
- a Hangeul-Dubeolsik keyboard (106 keys) is configured, which may be used in various embodiments.
- payment by mobile phone may be made.
- the user may preset a password and use a substitute key that corresponds to the password.
- a mobile phone number may be input.
- payment may be made, even when a mobile phone number is changed, with the changed mobile phone number. In this case, all cards registered with the resident registration number are available as payment means.
- various embodiments may be implemented to allow payment content to be also processed by new payment means.
- a substitute key may be set for a password used for a corresponding payment means.
- the password may be input to the mobile device of the affiliate member, and authenticated in the mobile device of the user.
- the user since the user uses a substitute key, exposure of the password of the user's credit card to the mobile device of the affiliate member may be prevented.
- This may be a user-specified security system, not a particular encryption scheme. Accordingly, even though a hacker or the affiliation member obtains the substitute key, the hacker or the affiliation member should hack the substitute key matching the card password stored in the mobile device of the user in order to obtain a number that corresponds to the substitute key. Therefore, the security level for personal information protection is very high.
- the user may pre-store one or more payment methods, and make each financial payment in a selected one of the plurality of payment methods.
- the one or more payment methods may be selected based on discount or non-discount for a payment amount, a discount percentage, point accumulation or non-accumulation, accumulated points, inclusion or non-inclusion as a record of card payment, the sum of amounts paid by card, or the like.
- a default value may be preset for priority based on the mobile device of the affiliate member and the features of a payment means. For example, a mobile device of a specific affiliate member may offer 10% off the price of a meal for payment by a credit card P in a restaurant.
- a discount for the card may be applied and the resulting price may be displayed.
- a discount and point accumulation/available details for payment may automatically be displayed for each payment means.
- the highest discount percentage or an offer of accumulation of a highest point has priority.
- the user may prioritize reference conditions in advance, and determine the best payment method calculated based on priority levels to be a payment means.
- the priority levels may be reflected adaptively in payment content in each financial payment. For example, if a specific restaurant offers 30% off the total amount of meals paid by the credit card P, the user may preset this condition as priority, and if a payment is made in the restaurant, the credit card P may be selected and the payment is made with the credit card P. In the case where the credit card P offers a high discount for a paid amount, but the user assigns higher priority to the sum of amounts paid by card, if a card Q has a very small sum of paid amounts (statement balance), the card Q may be selected and payment may be made with the card Q.
- the user may freely prioritize the payment methods under various conditions in advance.
- the mobile device of the affiliate member may constitute a list and display the list of payment methods of the user, and prompt the user to directly select and determine a payment means.
- the user may pre-store a payment method as financial information in the user's mobile device.
- FIG. 3 is a flowchart illustrating a method of processing a financial payment by verifying payment information of an affiliate member according to an embodiment.
- the mobile device of the user verifies payment information of the affiliate member and makes a financial payment, the following steps may be performed.
- biometric information of the user is received from the mobile device of the affiliate member (referred to as a ‘first mobile device’).
- the user's biometric information refers to data that the user allows a sensor provided in the mobile device of the affiliate member to sense.
- the biometric information may be one of a fingerprint, an iris, a vein in a specific body part, an electrocardiogram, voice, and the like.
- Based on various types of biometric information there may be various file formats for the biometric information.
- a file type is not limited based on the type of biometric information.
- Fingerprint information may be generated and received in an image file or a video file.
- the type of biometric information and the format of a file that carries the biometric information may also be preset in the user's mobile device by the user. This step corresponds to step 202 of FIG. 2 .
- step 302 it is determined whether the received biometric information matches biometric information of the user pre-stored in the mobile device of the user (referred to as a ‘second mobile device’).
- the received biometric information may be decrypted. If the received biometric information is in a specific file format, the received biometric information may be converted to a different format, when needed. Further, the scope of verification for determining match or mismatch between the two pieces of biometric information may include verifying the type of the biometric information (e.g., fingerprint information or iris information), and the file format of the received biometric information (e.g., an image file or a video file).
- the type of the biometric information e.g., fingerprint information or iris information
- the file format of the received biometric information e.g., an image file or a video file.
- a user A may set the fingerprint of the left ring finger in a mobile device of the user A, for use as biometric information, and set that received information should be in a video file converted from an image file. If the received biometric information is a voice file, it may be determined that the two pieces of biometric information do not match. If the received biometric information is a video file, the video file may be converted to an image file and compared with the fingerprint of the left ring finger stored in the user's mobile device.
- a step of receiving one or more pieces of biometric information from the user of the user's mobile device in embodiments. The received biometric information may be stored in a DB of the user's mobile device. If biometric information is received from the mobile device of the affiliate member, the received biometric information may be compared with the stored biometric information.
- One or more pieces of biometric information may be selected in combination. Once the user pre-stores the selected biometric information in the user's mobile device, the user may use the registered biometric information in subsequent financial payments. Since the user merely stores the biometric information in the user's mobile device without transmitting or storing data to or in the mobile device of the affiliate member, the biometric information requiring personal information protection may be protected sufficiently.
- step 303 the verification result of step 302 is transmitted to the mobile device of the affiliate member. If the received biometric information matches the biometric information stored in the mobile device of the user, the procedure goes from step 304 to step 305 (Yes), and the financial payment is processed. If the two pieces of biometric information do not match, the procedure ends (No) in step 304 .
- step 305 when the two pieces of biometric information match, authenticated payment content is received from the mobile device of the affiliate member.
- the payment content includes information on an amount that the user owes the affiliate member.
- the received payment content is processed in a payment method preset in the mobile device of the user.
- the payment is processed in a payment method selected from among one or more payment methods.
- the payment methods may include various online payment methods such as payment by card, payment by mobile phone, account transfer, and the like.
- a step of receiving information on one or more payment methods from the user of the user's mobile device may be performed.
- Various payment methods are available, and a plurality of items may also be available for each payment type. For example, 3 different types of credit cards may be registered, 2 different bank accounts may be registered, and a mobile phone authentication procedure may be performed in advance for payment by mobile phone.
- the user should pre-input information for payment (e.g., a card number, a card expiration date, and the like).
- the user may set a substitute key that corresponds to a card password.
- the user's password may be exposed to the mobile device of the affiliate member, and the user's password may be exposed on the network during transmission to the mobile device of the user.
- a substitute key for the card password may be input to the mobile device of the affiliate member, and the mobile device of the affiliate member may transmit the substitute key to the mobile device of the user. Therefore, the card password is verified between the mobile device of the user and the card company server, and thus the security measure may be extended.
- a substitute key is set to allow a key from a set of input keys displayed on the mobile device of the affiliate member (or the mobile device of the user) to correspond to each digit of the password according to a user input.
- the mobile device of the user may store substitute key information that corresponds to a password for each card.
- the mobile device of the user may request card payment to the card company server. Subsequently, the card company may accept the request and approve the use of the card for sales of the affiliate member.
- FIG. 4 is a sequence diagram that illustrates interaction among the mobile device 200 of the user, the mobile device 100 of the affiliate member, and a card company server 500 , to give a detailed description of interaction between the two mobile devices.
- step S 401 the user may register his or her biometric information in the mobile device 200 of the user, store personal information (a name, a date of birth, a residence registration number, and the like), and set one or more payment methods as financial information.
- a user-set substitute key may be stored for a password for a specific payment means.
- the mobile device 200 of the user may authenticate the biometric information and process a payment in the stored payment method.
- step S 402 the mobile device of the affiliate member transmits sensed biometric information to the mobile device of the user.
- Step S 403 the mobile device of the user determines whether the received biometric information matches the pre-stored biometric information.
- step S 404 the mobile device of the user transmits the determination result to the mobile device of the affiliate member.
- step S 405 if the received biometric information matches the biometric information stored in the mobile device of the user, the mobile device of the affiliate member authenticates payment content for the financial payment.
- step S 406 the mobile device of the affiliate member receives the substitute key that corresponds to the password of the payment means from the user in order to process the payment in the preset payment method, and the mobile device of the affiliate member transmits the substitute key to the mobile device of the user.
- step S 407 the mobile device of the user verifies whether the substitute key matches the card password.
- step S 408 the mobile device of the affiliate member transmits the verification result to the mobile device of the affiliate member.
- step S 409 if the substitute key matches the card password, the mobile device of the affiliate member transmits the payment content to the mobile device of the user to request the payment.
- step S 410 the mobile device of the user requests payment approval to the card company server 500 in the user-preset payment method. While substitute key information is transmitted and received between the mobile device of the user and the mobile device of the affiliate member, a credit card password may be transmitted and received directly between the mobile device of the user and the card company server. In this case, a security measure can be provided by the card company server.
- step S 411 regarding the payment content, the card company server 500 may approve the payment to the mobile device of the user.
- the mobile device of the affiliate member is not able to know all of personal information, biometric information, and financial information of a user.
- the mobile device of the affiliate member obtains only sensed biometric information and substitute key information.
- the biometric information of a user itself does not mean a lot. It has to be combined with personal information of the user to be meaningful in electronic transactions. Therefore, even when a user exposes his or her fingerprint to the mobile device of the affiliate member, it may not create a security problem in electronic transactions.
- the personal information, biometric information, and financial information of the user may be stored in the mobile device of the user, and user authentication and card authentication are performed for each financial payment in the mobile device of the user, a high level of security can be achieved.
- the card company server processes payment directly with the mobile device of the user based on card information of a specific person, and thus the security system may be maintained in a more organized manner than when processing with a plurality of devices of multiple affiliate members.
- FIGS. 5A and 5B are exemplary keypads displayed on a mobile device to allow a user to input a substitute key, according to embodiments of the present invention.
- the keypad of FIG. 5A includes numbers, English alphabets, Korean vowels, and Korean consonants, and the keypad of FIG. 5B includes special characters.
- input keys are arranged with spaces in the keyboard layout of an actual keypad. For example, a space is interposed between numbers 8 and 9 .
- the mobile device of the affiliate member may provide a display screen as illustrated in FIG. 5A to the user to allow the user to input a substitute key.
- the user may input, on a mobile device of an affiliate member, a substitute key that corresponds to a password of a payment means.
- a substitute key that corresponds to a password of a payment means.
- the combination of input keys illustrated in FIG. 5A or FIG. 5B may be re-ordered.
- FIG. 6 illustrates an example that the keyboard illustrated in FIG. 5A is re-ordered each time when each digit of a substitute key is input.
- FIG. 6 illustrates an example that the keyboard illustrated in FIG. 5A is re-ordered each time when each digit of a substitute key is input.
- FIG. 5A in which a space exists between numbers 8 and 9
- there is no space between numbers 8 and 9 in FIG. 6 there is no space between numbers 8 and 9 in FIG. 6 .
- the keys are re-ordered such that there is a space between numbers 4 and 5 in FIG. 6 .
- the apparatuses, methods, and components described in the embodiments may be implemented using one or more general-purpose computers or special-purpose computers, such as a processor, a controller, an ALU (arithmetic logic unit), a digital signal processor, a microcomputer, an FPGA (field programmable gate array), a PLU (programmable logic unit), a microprocessor, or any other device capable of executing an instruction and responding.
- a processing device may execute an operating system (OS) and one or more software applications executed on the OS. Further, the processing device may access, store, manipulate, process, and generate data in response to execution of software. To help understanding, the processing device is described as a single one.
- the processing device may include a plurality of processing elements and/or a plurality of types of processing elements.
- the processing device may include a plurality of processors, or one processor and one controller.
- a different processing configuration such as a parallel processor is available.
- Software may include a computer program, a code, an instruction, or a combination of two or more thereof, and may configure a processing device so that the processing device may operate in a desired manner or instruct the processing device independently or collectively.
- Software and/or data may be embodied permanently or temporarily in some type of machine, component, physical device, virtual equipment, computer storage medium or device, or a transmitted signal wave in order to be interpreted by the processing device or provide an instruction or data to the processing device.
- the software may be distributed over computer systems connected via a network, and stored or executed in a distributed manner.
- the software and data may be stored in one or more computer-readable recording mediums.
- a method according to an embodiment may be implemented in the form of a program instruction executable by various computer means and recorded in a computer-readable medium.
- the computer-readable medium may include a program instruction, a data file, and a data structure alone or in combination.
- the program instruction recorded in the medium may be specially designed and configured for the embodiment, or known and thus available to those skilled in computer software.
- the computer-readable medium may include hard disk, floppy disk, magnetic media such as magnetic tape, optical media such as CD-ROM and DVD, magneto-optical media such as floptical disk, and a hardware device specially configured to store and execute a program instruction such as ROM, RAM, and flash memory.
- Program instructions may include machine language code that is produced by a compiler or high-level language code that may be executed by an interpreter.
- the hardware device may be configured to operate as one or more software modules or vice versa in order to perform operations in the embodiment.
- Both an individual of a consumer side and a business provider of a suppler side may make a financial payment with low cost, using biometric information without deploying additional infrastructure, using already widely available mobile devices.
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Finance (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Multimedia (AREA)
- Human Computer Interaction (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Power Engineering (AREA)
- Biodiversity & Conservation Biology (AREA)
- Life Sciences & Earth Sciences (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
Abstract
Description
- The present invention relates to a financial payment method and payment system using a mobile device, and more particularly, to a method and system for making a payment by mutually verifying biometric information and financial information in two mobile devices.
- A payment system based on fingerprint recognition was first introduced to private businesses in the U.S. in 2007. However, the payment system has limitations in protecting personal information in that biometric information of individuals are stored in a specific device of a third party or accessible through a network exposed to the risk of hacking, which is why the payment system is not widely used now. Moreover, the fingerprint recognition-based payment system imposes a cost constraint on offline affiliate members because every offline affiliate member should be provided with an expensive fingerprint sensor for fingerprint recognition. In 2007, businesses using the fingerprint recognition-based payment system actually declared bankruptcy because of financial deficit caused by the purchase of a 2 to 3 million-dollar payment POS device.
- Recently, the Japanese government has attempted to adopt other fingerprint recognition-based payment systems. If a visitor to Japan puts two fingers on a fingerprint reader and inputs credit card information in an airport, the visitor may pay simply through fingerprint recognition in fingerprint recognition-enabled stores or hotels. For this purpose, the Japanese government announced that fingerprint recognition-based payment infrastructure would be deployed all over the nation by 2020 when the Olympics would be held in Tokyo. Although the attempt to deploy the fingerprint recognition-based payment infrastructure at the government level is highly likely to lead to wide use of the fingerprint recognition-based system, the fingerprint recognition-based system also has the same limitations as that in the U.S. due to the cost and insufficient protection of personal information.
- (Patent document 1) Korean Patent Publication No. 10-0997820 (Dec. 1, 2010).
- According to embodiments, a financial payment may be made without a physical card by means of a mobile device irrespective of time and place. Further, without the need for deploying additional infrastructure, a financial payment may be made using mobile devices which have been proliferated and are carried by a multitude of users.
- Personal information of an individual such as a resident registration number, a fingerprint, and the like, and financial information of the individual such as a card number, a card password, and the like are stored in a mobile device carried by the individual. When the individual makes a financial payment, the personal information and financial information are verified in the mobile device. Therefore, the individual may make a safe financial payment without exposure of the personal information and the financial information.
- In one aspect, the present invention provides a method of authenticating a financial payment at a first mobile device of a seller. The method comprises: sensing, by a sensor provided in the first mobile device, one or more pieces of biometric information of a purchaser; transmitting, by the first mobile device, the sensed biometric information to a second mobile device that is identified by the purchaser in a predetermined method; receiving, by the first mobile device, information from the second mobile device, wherein the information indicates whether the biometric information that is transmitted by the first mobile device matches biometric information of the purchaser that is pre-stored in the second mobile device; and authenticating, by the first mobile device, a content of the financial payment, when the biometric information that is transmitted by the first mobile device matches the biometric information that is pre-stored in the second mobile device.
- In an embodiment, the biometric information may include one or more of fingerprint information, iris information, vein information, electrocardiogram information, and voice information.
- In an embodiment, the authentication of the content of the financial payment may further comprise processing the payment in a payment method that is preset in the second mobile device. The preset payment method may comprise using a substitute key that corresponds to a password of a first payment means selected by the purchaser from among one or more payment means. The substitute key may be preset by the purchaser to correspond to a predetermined input key of each digit of the password, from among a set of input keys displayed on the first mobile device. The first payment means may be selected adaptively based on the payment content, from among preset one or more payment methods.
- In one embodiment, the transmission of the sensed biometric information may comprise encrypting the sensed biometric information in a predetermined encryption method and transmitting the encrypted biometric information or converting the sensed biometric information to a file in a predetermined format and transmitting the file. The predetermined encryption method may be RC4, OTPad, DES, TDES, AES, IDEA, Dffie-Hellman, DSA, Elgamal, RSA, ECC, SHA, MD5, HAVAL, HMAC, or CBC-MAC. The file in the predetermined format may be an image file, a video file, or a voice file. The format of the file may be determined adaptively based on the sensed biometric information.
- In another aspect, a method of performing a financial payment at a second mobile device identified by a purchaser is provided. The method comprises: receiving, by the second mobile device, biometric information of the purchaser from a first mobile device of a seller; verifying, by the second mobile device, whether the biometric information that is received from the first mobile device matches biometric information of the purchaser that is pre-stored in the second mobile device; receiving, by the second mobile device, authenticated payment content from the first mobile device, when the biometric information that is received from the first mobile device matches the biometric information of the purchaser that is pre-stored in the second mobile device; and performing, by the second mobile device, a payment in a payment method that is predetermined with regard to the payment content.
- In an embodiment, the method may further comprise receiving one or more pieces of biometric information and one or more payment methods from the purchaser.
- In an embodiment, the performing the payment may comprise using a substitute key that corresponds to a password of a first payment means selected by the purchaser. The substitute key may correspond to each digit of the password that is to be input by a user from a combination of input keys displayed on the first mobile device.
- In an embodiment, in case of each of the one more payment methods, the first payment means may be set to be a discount for a payment amount, point accumulation, or a statement balance in an order determined by a preset priority. The priority may be reflected adaptively in the payment content.
- In another aspect, a computing device including at least one processor, implemented at least temporarily by the at least one processor is provided. The computing device comprises: a sensor unit configured to sense one or more pieces of biometric information of a purchaser; a communication unit configured to transmit the sensed biometric information to a second mobile device that is identified by the purchaser in a predetermined method, and to receive information from the second mobile device in response to the transmission, wherein the information indicates whether the biometric information that is transmitted by the communication unit matches biometric information of the purchaser that is pre-stored in the second mobile device; and a computation unit configured to authenticate payment content, when the biometric information that is transmitted by the communication unit matches the biometric information that is pre-stored in the second mobile device.
- In another aspect, a program stored in a computer-readable recording medium, for causing a computing device to perform a financial payment based on biometric information and financial information of a purchaser is provided. The program comprises: an instruction set for receiving, at a first mobile device of a seller, biometric information of the purchaser; an instruction set for verifying whether the biometric information that is received from the first mobile device matches biometric information of the purchaser that is pre-stored in the computing device; and an instruction set for, when the received biometric information matches the pre-stored biometric information, receiving authenticated payment content from the first mobile device, and performing the payment using a substitute key that is received from the purchaser and corresponds to a password of a first payment means that is selected by the purchaser for each of one or more payment methods.
- According to the embodiments, even when a financial payment is made using biometric information of an individual, which has strict personal information protection requirements, there is no risk of exposing the biometric information to any devices other than a mobile device of the individual.
- Due to the use of widely available mobile devices, both of an individual as a consumer and a business provider as a supplier may make a financial payment with low cost, using biometric information.
- A financial payment may proceed in any of various user-selected payment methods, and due to use of a substitute key that corresponds to a password of a financial payment means, exposure of the password of a user to a mobile device of an affiliate member may be prevented.
-
FIG. 1 is a block diagram of a system for processing a financial payment by verifying biometric information, using two mobile devices according to an embodiment. -
FIG. 2 is a flowchart illustrating a method of processing a financial payment by verifying biometric information of a consumer according to an embodiment. -
FIG. 3 is a flowchart illustrating a method of processing a financial payment by verifying payment information of an affiliate member according to an embodiment. -
FIG. 4 is a sequence diagram illustrating interactions among a user mobile device, an affiliate member mobile device, and a card company server according to an embodiment. -
FIGS. 5A and 5B illustrate exemplary keypads for inputting a substitute key, displayed on a mobile device according to an embodiment. -
FIG. 6 illustrates an exemplary keypad on which the keys of the keypad illustrated inFIG. 5A are rearranged each time one digit of a substitute key is input according to an embodiment. - Embodiments will be described in detail with reference to the attached drawings. However, these embodiments do not limit the scope of the disclosure. In each drawing, like reference numerals denote the same components.
- Although terms used in the following description are selected as having general meanings in the related art, the terms may be replaced with other terms according to technology development and/or change, customs, operator preferences, and the like. Therefore, the terms used in the following description should be understood as exemplary terms used to describe the embodiments, not as limiting technical ideas.
- Further, the applicant selects some terms arbitrarily in a specific case. In this case, the detailed meanings of the terms will be specified in a corresponding part of the description. Therefore, the terms used herein should be understood not by their names but by their meanings and what is set forth through the specification.
-
FIG. 1 is a block diagram of a system for processing a financial payment by verifying biometric information, using two mobile devices according to an embodiment. In an embodiment, a financial payment may be made between a user (a purchaser, a consumer, or an individual) and an affiliate member (a seller, a supplier, or a business provider) through interaction between amobile device 100 of the affiliate member (seller) and amobile device 200 of the user (purchaser), such as verifying biometric information and financial information between themobile devices - The
mobile device 100 of the affiliate member includes asensor unit 110 for sensing biometric information such as a fingerprint, an iris, and the like from auser 300, acommunication unit 130 for transmitting and receiving data to and from another device through a wired or wireless network, acomputation unit 120 for generating payment content, requesting payment, and approving payment, and a database (DB) 140. - The
mobile device 200 of the user includes asensor unit 230 for sensing biometric information such as a fingerprint, an iris, and the like from theuser 300, acommunication unit 210 for transmitting and receiving data to and from another device through a wired or wireless network, acomputation unit 220 for verifying data match, performing encryption or decryption for the verification of the data match, or pre-registering personal information, biometric information, financial information, and the like, and aDB 240 for storing data that require personal information security, such as personal information, biometric information, financial information, and the like. - According to an embodiment, biometric information of the
user 300 is sensed by themobile device 100 of the affiliate member, the sensed biometric information is authenticated by themobile device 200 of theuser 300, and the financial payment is made in a preset user payment method, for example, with a pre-registered credit card. To do this, a substitute key can be inputted on themobile device 100 of the affiliate member, the inputted substitute key can be authenticated by themobile device 200 of theuser 300, and a request for payment by the credit card can be made on themobile device 200, thereby processing the payment by a server (not shown) of a company managing the credit card. In the financial payment method according to an embodiment, since all of personal information, biometric information, and financial information of theuser 300 that need to be securely protected are authenticated directly by themobile device 200 of theuser 300, a high level of information protection can be achieved. Theuser 300 may make a financial payment directly through themobile device 100 of the affiliate member by using the user's biometric information and the information (the personal information, the biometric information, the financial information, and the like) set in themobile device 200, without having to use a physical card. - More specifically, interaction between the
mobile device 100 of the affiliate member and themobile device 200 of the user will be described in detail with reference toFIGS. 2 and 3 . -
FIG. 2 is a flowchart illustrating a method of processing a financial payment by verifying biometric information of a consumer according to an embodiment. When a financial payment is processed by verifying biometric information of a consumer in a mobile device of an affiliate member, the following steps may be performed. - In
step 201, one or more pieces of biometric information of a user are sensed. The user refers to an individual (i.e., a consumer) who is to pay. The biometric information may be a fingerprint, an iris, a vein at a specific position, an electrocardiogram, or voice. Further, the fingerprint may be a fingerprint of a specific finger set by the user (e.g., a fingerprint of the left ring finger). Regarding the iris, the user may preset the left pupil, the right pupil, or both pupils, and use the preset pupil(s) as an object to be sensed. Regarding the vein at a specific position, the user may preset a position such as information on a vein on the right palm or the left wrist. Regarding the voice, various types of sounds in addition to the voice are available, such as whistle, cough, and the like. In case of the voice, a specific word, sentence, name, or the like, which is spoken, may be preset. As such, biometric information is not only information sensed from a part of the user's body but also any type of information selected and set by a user, thereby ensuring a high level of security for financial transactions. In other words, as a user can set the biometric information on his or her own (without sharing it with others), a wide choice of biometric information is available for financial transactions. - For example, in
step 201, a user A may pre-register the fingerprint of his/her left ring finger in his/her mobile device (referred to as a ‘second mobile device’) and allow a mobile device of an affiliate member (referred to as a ‘first mobile device’) to recognize the fingerprint of the left ring finger, thereby enabling the fingerprint information of the user A to be sensed as biometric information. - In
step 202, the mobile device of the affiliate member transmits the sensed biometric information to the mobile device of the user in a predetermined method. The mobile device of the user to receive the sensed biometric information may be identified by an input of the user. In other words, the user allows the user's biometric information to be sensed and inputs the user's mobile device number, thereby presenting a means to authenticate information of the user to the affiliation member. - Since biometric information may have various types, it may be transmitted in different file formats depending on the types of biometric information. Further, in view of the nature of biometric information, the biometric information may be encrypted for security in various manners or converted to a preset file format for transmission, instead of a file format inherent to the biometric information. For example, fingerprint information may be generated as an image file, encrypted in an SHA scheme, and then transmitted. Herein, the image file may be converted to one type selected from among various extensions. Alternatively, fingerprint information may be generated as a video file.
- The encryption method may be appropriately selected and performed by an operator. For bi-directional encryption, RC4, OTPad, DES, TDES, AES, IDEA, and the like are available as a symmetrical key scheme, and Diffie-Hellman, DSA, Elgamal, RSA, ECC, and the like are available as an asymmetrical key scheme.
- For uni-directional encryption that ensures integrity, SHA, MD5, HAVAL, HMAC, CBC-MAC, and the like are available. In various embodiments, any of the encryption methods may be selected and used. Particularly, a certain encryption method that is best for a particular type of biometric information can be selected, thereby primarily preventing the transmitted biometric information from being exposed. Further, in various embodiments, even though the transmitted biometric information is exposed to an unauthorized third party over a network, the third party would not be able to obtain personal information on the individual because the transmitted biometric information does not have that personal information. That is, even though the user exposes his or her biometric information to the mobile device of the affiliate member, the user's personal information is not exposed.
- In
step 203, information indicating whether the transmitted biometric information matches the biometric information of the user stored in the mobile device of the user is received from the mobile device of the user. The transmitted biometric information is data sensed by the mobile device of the affiliate member, and the biometric information stored in the mobile device of the user is data pre-stored by the user. If the two data match, a financial transaction may be carried out using personal information and financial information pre-stored along with the biometric information in the mobile device of the user as an entity for the financial transaction. For example, if a user A allows the mobile device of the affiliate member to sense fingerprint information of the user A, and the user A inputs his or her mobile device number, the mobile device of the affiliate member may transmit the sensed information to the mobile device of the user A to verify whether the sensed biometric information matches the pre-stored biometric information of the user A. If the sensed biometric information matches the pre-stored biometric information of the user A (step 204), the mobile device of the user A may transmit a match result to the mobile device of the affiliate member. This implies that the biometric information is authenticated to allow a financial payment to be made using personal information and financial information (e.g., credit card information or the like) of the user A pre-stored in the mobile device of the user A. - If the biometric information stored in the mobile device of the user A does not match the biometric information sensed by the mobile device of the affiliate member (step 204), the financial payment is terminated without a further progress. In other words, the financial payment may not be made using the personal information and financial information of the user A stored in the mobile device of the user A.
- If the biometric information stored in the mobile device of the user A matches the biometric information sensed by the mobile device of the affiliate member (step 204), payment content is authenticated in
step 205. The payment content refers to details of the payment that are generated for the authenticated user. For example, if a user A, who wants to pay his or her a lunch order for KRW 8,000 at a restaurant (affiliate member), puts his or her fingerprint on a mobile device of the restaurant and inputs his or her mobile device number, payment content is generated to allow the user A to pay KRW 8,000 for the lunch by using credit card information pre-stored in the mobile device of the user A. - In
step 206, the payment content is processed in a payment method preset in the user's mobile device. The user may preset one or more payment means in the user's mobile device, for financial transactions, and make a payment by a selected one of the payment means. The user may set a basic payment means, or each time a financial transaction is carried out, the user may view a payment means list, select a payment means, and set the selected payment means. In various embodiments, financial payment methods may be displayed and selected under various conditions to maximize user convenience. Once the user pre-registers one or more payment methods in the user's mobile device, various display methods and input methods for selection, which are not described herein, may be used and actually implemented. - In various embodiments, various payment methods may be performed. The payment methods may include general payment by card, real-time account transfer, non-real-time account transfer, payment by mobile phone, payment by pre-paid on-line certificate, payment by rechargeable certificate, payment by points, and the like. A plurality of types of payment may be preset to provide an appropriate payment method according to a mobile device of an affiliate and a mobile device of a user.
- According to an embodiment, the predetermined payment method may perform authentication using a substitute key for a specific payment means selected from among one or more payment means by the user. A substitute key corresponds to a unique password of the specific payment means, which is preset by the user and stored in the mobile device of the user. Specifically, the substitute key is preset in correspondence with the respective digits of the user's password among a combination of input keys displayed on the mobile device of the affiliate member. For example, a user A may store all information (a card number, an expiration date, and the like) required to pay by a credit card as a payment means in the mobile device of the user A. If the password of the credit card is 1234, the password has been preset between the user A and a credit card company to allow the user A to use the credit card. The user A may set a key substituting for each digit of the card password on his or her own. For example, a substitute key for the
numeral 1 in the first digit may be a special character ‘?,’ a substitute key for thenumeral 2 in the second digit may be a special character ‘@,’ and a substitute key for thenumeral 3 in the third digit may be an English letter ‘f’ (lower case). Numbers, English alphabets, special characters, and Korean vowels or consonants, which are available as substitute keys are exposed on a general keyboard. For example, a Hangeul-Dubeolsik keyboard (106 keys) is configured, which may be used in various embodiments. In another example, payment by mobile phone may be made. The user may preset a password and use a substitute key that corresponds to the password. Further, for payment by mobile phone, a mobile phone number may be input. Further, as the resident registration number of the individual is input, payment may be made, even when a mobile phone number is changed, with the changed mobile phone number. In this case, all cards registered with the resident registration number are available as payment means. If there are various payment means, various embodiments may be implemented to allow payment content to be also processed by new payment means. Likewise, a substitute key may be set for a password used for a corresponding payment means. The password may be input to the mobile device of the affiliate member, and authenticated in the mobile device of the user. - Accordingly, in an embodiment, since the user uses a substitute key, exposure of the password of the user's credit card to the mobile device of the affiliate member may be prevented. This may be a user-specified security system, not a particular encryption scheme. Accordingly, even though a hacker or the affiliation member obtains the substitute key, the hacker or the affiliation member should hack the substitute key matching the card password stored in the mobile device of the user in order to obtain a number that corresponds to the substitute key. Therefore, the security level for personal information protection is very high.
- In an embodiment, the user may pre-store one or more payment methods, and make each financial payment in a selected one of the plurality of payment methods. The one or more payment methods may be selected based on discount or non-discount for a payment amount, a discount percentage, point accumulation or non-accumulation, accumulated points, inclusion or non-inclusion as a record of card payment, the sum of amounts paid by card, or the like. A default value may be preset for priority based on the mobile device of the affiliate member and the features of a payment means. For example, a mobile device of a specific affiliate member may offer 10% off the price of a meal for payment by a credit card P in a restaurant. When the user intends to make a payment on the mobile device of the affiliate member according to this feature, if the user has the credit card P as a payment means, a discount for the card may be applied and the resulting price may be displayed. For various features such as cash back saving, point accumulation, point use, and the like, a discount and point accumulation/available details for payment may automatically be displayed for each payment means. Herein, the highest discount percentage or an offer of accumulation of a highest point has priority.
- Further, the user may prioritize reference conditions in advance, and determine the best payment method calculated based on priority levels to be a payment means. The priority levels may be reflected adaptively in payment content in each financial payment. For example, if a specific restaurant offers 30% off the total amount of meals paid by the credit card P, the user may preset this condition as priority, and if a payment is made in the restaurant, the credit card P may be selected and the payment is made with the credit card P. In the case where the credit card P offers a high discount for a paid amount, but the user assigns higher priority to the sum of amounts paid by card, if a card Q has a very small sum of paid amounts (statement balance), the card Q may be selected and payment may be made with the card Q. The user may freely prioritize the payment methods under various conditions in advance.
- In an embodiment, the mobile device of the affiliate member may constitute a list and display the list of payment methods of the user, and prompt the user to directly select and determine a payment means. In various embodiments, the user may pre-store a payment method as financial information in the user's mobile device.
-
FIG. 3 is a flowchart illustrating a method of processing a financial payment by verifying payment information of an affiliate member according to an embodiment. When the mobile device of the user verifies payment information of the affiliate member and makes a financial payment, the following steps may be performed. - In
step 301, biometric information of the user is received from the mobile device of the affiliate member (referred to as a ‘first mobile device’). The user's biometric information refers to data that the user allows a sensor provided in the mobile device of the affiliate member to sense. The biometric information may be one of a fingerprint, an iris, a vein in a specific body part, an electrocardiogram, voice, and the like. Based on various types of biometric information, there may be various file formats for the biometric information. A file type is not limited based on the type of biometric information. Fingerprint information may be generated and received in an image file or a video file. The type of biometric information and the format of a file that carries the biometric information may also be preset in the user's mobile device by the user. This step corresponds to step 202 ofFIG. 2 . - In
step 302, it is determined whether the received biometric information matches biometric information of the user pre-stored in the mobile device of the user (referred to as a ‘second mobile device’). To verify whether the two data match, if the received biometric information has been encrypted, the received biometric information may be decrypted. If the received biometric information is in a specific file format, the received biometric information may be converted to a different format, when needed. Further, the scope of verification for determining match or mismatch between the two pieces of biometric information may include verifying the type of the biometric information (e.g., fingerprint information or iris information), and the file format of the received biometric information (e.g., an image file or a video file). For example, a user A may set the fingerprint of the left ring finger in a mobile device of the user A, for use as biometric information, and set that received information should be in a video file converted from an image file. If the received biometric information is a voice file, it may be determined that the two pieces of biometric information do not match. If the received biometric information is a video file, the video file may be converted to an image file and compared with the fingerprint of the left ring finger stored in the user's mobile device. Beforestep 302, a step of receiving one or more pieces of biometric information from the user of the user's mobile device in embodiments. The received biometric information may be stored in a DB of the user's mobile device. If biometric information is received from the mobile device of the affiliate member, the received biometric information may be compared with the stored biometric information. - One or more pieces of biometric information may be selected in combination. Once the user pre-stores the selected biometric information in the user's mobile device, the user may use the registered biometric information in subsequent financial payments. Since the user merely stores the biometric information in the user's mobile device without transmitting or storing data to or in the mobile device of the affiliate member, the biometric information requiring personal information protection may be protected sufficiently.
- In
step 303, the verification result ofstep 302 is transmitted to the mobile device of the affiliate member. If the received biometric information matches the biometric information stored in the mobile device of the user, the procedure goes fromstep 304 to step 305 (Yes), and the financial payment is processed. If the two pieces of biometric information do not match, the procedure ends (No) instep 304. - In
step 305, when the two pieces of biometric information match, authenticated payment content is received from the mobile device of the affiliate member. The payment content includes information on an amount that the user owes the affiliate member. - In
step 306, the received payment content is processed in a payment method preset in the mobile device of the user. Specifically, the payment is processed in a payment method selected from among one or more payment methods. The payment methods may include various online payment methods such as payment by card, payment by mobile phone, account transfer, and the like. Beforestep 306, a step of receiving information on one or more payment methods from the user of the user's mobile device may be performed. Various payment methods are available, and a plurality of items may also be available for each payment type. For example, 3 different types of credit cards may be registered, 2 different bank accounts may be registered, and a mobile phone authentication procedure may be performed in advance for payment by mobile phone. For payment by card, the user should pre-input information for payment (e.g., a card number, a card expiration date, and the like). Herein, the user may set a substitute key that corresponds to a card password. - If the user inputs the card password through the mobile device of the affiliate member, the user's password may be exposed to the mobile device of the affiliate member, and the user's password may be exposed on the network during transmission to the mobile device of the user. To prevent the exposure, a substitute key for the card password may be input to the mobile device of the affiliate member, and the mobile device of the affiliate member may transmit the substitute key to the mobile device of the user. Therefore, the card password is verified between the mobile device of the user and the card company server, and thus the security measure may be extended.
- A substitute key is set to allow a key from a set of input keys displayed on the mobile device of the affiliate member (or the mobile device of the user) to correspond to each digit of the password according to a user input. The mobile device of the user may store substitute key information that corresponds to a password for each card.
- Therefore, when a card password is verified between the mobile device of the affiliate member and the mobile device of the user, using a substitute key, the mobile device of the user may request card payment to the card company server. Subsequently, the card company may accept the request and approve the use of the card for sales of the affiliate member.
- An embodiment of the financial payment method of the
mobile device 100 of the affiliate member has been described with reference toFIG. 2 , and an embodiment of the financial payment method from the perspective of themobile device 200 of the user has been described with reference toFIG. 3 .FIG. 4 is a sequence diagram that illustrates interaction among themobile device 200 of the user, themobile device 100 of the affiliate member, and acard company server 500, to give a detailed description of interaction between the two mobile devices. - In step S401, the user may register his or her biometric information in the
mobile device 200 of the user, store personal information (a name, a date of birth, a residence registration number, and the like), and set one or more payment methods as financial information. Herein, a user-set substitute key may be stored for a password for a specific payment means. Themobile device 200 of the user may authenticate the biometric information and process a payment in the stored payment method. - In step S402, the mobile device of the affiliate member transmits sensed biometric information to the mobile device of the user. In Step S403, the mobile device of the user determines whether the received biometric information matches the pre-stored biometric information. In step S404, the mobile device of the user transmits the determination result to the mobile device of the affiliate member.
- In step S405, if the received biometric information matches the biometric information stored in the mobile device of the user, the mobile device of the affiliate member authenticates payment content for the financial payment. In step S406, the mobile device of the affiliate member receives the substitute key that corresponds to the password of the payment means from the user in order to process the payment in the preset payment method, and the mobile device of the affiliate member transmits the substitute key to the mobile device of the user. In step S407, the mobile device of the user verifies whether the substitute key matches the card password. In step S408, the mobile device of the affiliate member transmits the verification result to the mobile device of the affiliate member.
- In step S409, if the substitute key matches the card password, the mobile device of the affiliate member transmits the payment content to the mobile device of the user to request the payment.
- In step S410, the mobile device of the user requests payment approval to the
card company server 500 in the user-preset payment method. While substitute key information is transmitted and received between the mobile device of the user and the mobile device of the affiliate member, a credit card password may be transmitted and received directly between the mobile device of the user and the card company server. In this case, a security measure can be provided by the card company server. - In step S411, regarding the payment content, the
card company server 500 may approve the payment to the mobile device of the user. - The mobile device of the affiliate member is not able to know all of personal information, biometric information, and financial information of a user. The mobile device of the affiliate member obtains only sensed biometric information and substitute key information. The biometric information of a user itself does not mean a lot. It has to be combined with personal information of the user to be meaningful in electronic transactions. Therefore, even when a user exposes his or her fingerprint to the mobile device of the affiliate member, it may not create a security problem in electronic transactions. On the contrary, since the personal information, biometric information, and financial information of the user may be stored in the mobile device of the user, and user authentication and card authentication are performed for each financial payment in the mobile device of the user, a high level of security can be achieved. On the other hand, the card company server processes payment directly with the mobile device of the user based on card information of a specific person, and thus the security system may be maintained in a more organized manner than when processing with a plurality of devices of multiple affiliate members.
-
FIGS. 5A and 5B are exemplary keypads displayed on a mobile device to allow a user to input a substitute key, according to embodiments of the present invention. The keypad ofFIG. 5A includes numbers, English alphabets, Korean vowels, and Korean consonants, and the keypad ofFIG. 5B includes special characters. For security, input keys are arranged with spaces in the keyboard layout of an actual keypad. For example, a space is interposed betweennumbers FIG. 5A to the user to allow the user to input a substitute key. - In an embodiment, the user may input, on a mobile device of an affiliate member, a substitute key that corresponds to a password of a payment means. Each time the user inputs each digit of the substitute key, the combination of input keys illustrated in
FIG. 5A orFIG. 5B may be re-ordered. To further improve security, for a 4-digit substitute key, 4 different types of keyboards may be provided.FIG. 6 illustrates an example that the keyboard illustrated inFIG. 5A is re-ordered each time when each digit of a substitute key is input. Compared toFIG. 5A in which a space exists betweennumbers numbers FIG. 6 . While there is no space betweennumbers FIG. 5A , the keys are re-ordered such that there is a space betweennumbers FIG. 6 . - The above-described embodiments may be implemented in hardware, software, and/or a combination thereof. For example, the apparatuses, methods, and components described in the embodiments may be implemented using one or more general-purpose computers or special-purpose computers, such as a processor, a controller, an ALU (arithmetic logic unit), a digital signal processor, a microcomputer, an FPGA (field programmable gate array), a PLU (programmable logic unit), a microprocessor, or any other device capable of executing an instruction and responding. A processing device may execute an operating system (OS) and one or more software applications executed on the OS. Further, the processing device may access, store, manipulate, process, and generate data in response to execution of software. To help understanding, the processing device is described as a single one. However, those skilled in the art will understand that the processing device may include a plurality of processing elements and/or a plurality of types of processing elements. For example, the processing device may include a plurality of processors, or one processor and one controller. Further, a different processing configuration such as a parallel processor is available.
- Software may include a computer program, a code, an instruction, or a combination of two or more thereof, and may configure a processing device so that the processing device may operate in a desired manner or instruct the processing device independently or collectively. Software and/or data may be embodied permanently or temporarily in some type of machine, component, physical device, virtual equipment, computer storage medium or device, or a transmitted signal wave in order to be interpreted by the processing device or provide an instruction or data to the processing device. The software may be distributed over computer systems connected via a network, and stored or executed in a distributed manner. The software and data may be stored in one or more computer-readable recording mediums.
- A method according to an embodiment may be implemented in the form of a program instruction executable by various computer means and recorded in a computer-readable medium. The computer-readable medium may include a program instruction, a data file, and a data structure alone or in combination. The program instruction recorded in the medium may be specially designed and configured for the embodiment, or known and thus available to those skilled in computer software. The computer-readable medium may include hard disk, floppy disk, magnetic media such as magnetic tape, optical media such as CD-ROM and DVD, magneto-optical media such as floptical disk, and a hardware device specially configured to store and execute a program instruction such as ROM, RAM, and flash memory. Program instructions may include machine language code that is produced by a compiler or high-level language code that may be executed by an interpreter. The hardware device may be configured to operate as one or more software modules or vice versa in order to perform operations in the embodiment.
- While the embodiments have been described above with reference to the particularly embodiment and the drawings, those skilled in the art will understand that various modifications and variations can be made from the disclosure. For example, even though the above-described techniques may be implemented in a different order from that described and/or the described components such as a system, structure, device, circuit, and so on are combined or merged in a method other than the described method or replaced by other components or equivalents, appropriate results may be achieved. Accordingly, other implementations, other embodiments, the appended claims, and their equivalents fall within the scope of the appended claims.
- Both an individual of a consumer side and a business provider of a suppler side may make a financial payment with low cost, using biometric information without deploying additional infrastructure, using already widely available mobile devices.
Claims (18)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160151016A KR101758575B1 (en) | 2016-11-14 | 2016-11-14 | Method and system for financial payment using mobile devices |
KR10-2016-0151016 | 2016-11-14 | ||
PCT/KR2017/012829 WO2018088867A1 (en) | 2016-11-14 | 2017-11-14 | Financial payment method and payment system using mobile device |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2017/012829 A-371-Of-International WO2018088867A1 (en) | 2016-11-14 | 2017-11-14 | Financial payment method and payment system using mobile device |
Related Child Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US17/454,179 Continuation-In-Part US12051055B2 (en) | 2016-11-14 | 2021-11-09 | Financial payment method and payment system using mobile device |
US17/644,676 Continuation US11810114B2 (en) | 2016-11-14 | 2021-12-16 | Financial payment method and payment system using mobile device |
Publications (2)
Publication Number | Publication Date |
---|---|
US20190295095A1 true US20190295095A1 (en) | 2019-09-26 |
US11238454B2 US11238454B2 (en) | 2022-02-01 |
Family
ID=59427159
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/349,503 Active US11238454B2 (en) | 2016-11-14 | 2017-11-14 | Biometric data verification method and system using mobile devices |
US17/644,676 Active US11810114B2 (en) | 2016-11-14 | 2021-12-16 | Financial payment method and payment system using mobile device |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US17/644,676 Active US11810114B2 (en) | 2016-11-14 | 2021-12-16 | Financial payment method and payment system using mobile device |
Country Status (8)
Country | Link |
---|---|
US (2) | US11238454B2 (en) |
EP (2) | EP3540672A4 (en) |
JP (1) | JP7424833B2 (en) |
KR (1) | KR101758575B1 (en) |
CN (1) | CN110088792A (en) |
RU (1) | RU2019117368A (en) |
UA (1) | UA125037C2 (en) |
WO (1) | WO2018088867A1 (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113379405A (en) * | 2021-06-15 | 2021-09-10 | 一汽资本控股有限公司 | Vehicle-mounted terminal payment method and vehicle-mounted terminal payment system |
US20220150242A1 (en) * | 2020-11-09 | 2022-05-12 | Ghost Pass Inc. | Identity authentication system |
US20220417748A1 (en) * | 2017-10-13 | 2022-12-29 | Visa International Service Association | Mitigating risk for hands-free interactions |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101837369B1 (en) * | 2017-10-11 | 2018-03-14 | 주식회사 올아이티탑 | System for relaying financial transaction with multiple safety function and method for processing thereof |
KR101875200B1 (en) * | 2018-03-05 | 2018-08-03 | 주식회사 올아이티탑 | System for relaying financial transaction with multiple safety function and method for processing thereof |
US12125054B2 (en) | 2018-09-25 | 2024-10-22 | Valideck International Corporation | System, devices, and methods for acquiring and verifying online information |
CN110502473A (en) * | 2019-08-27 | 2019-11-26 | 许灵辉 | A kind of file automating processing method of reference |
CN114365524A (en) * | 2019-09-20 | 2022-04-15 | 索尼集团公司 | Information processing apparatus, server apparatus, information terminal, and information processing system |
WO2021186575A1 (en) * | 2020-03-17 | 2021-09-23 | 日本電気株式会社 | Electronic payment device, system, method, and non-transitory computer-readable medium having program stored thereon |
CN112465497A (en) * | 2020-11-26 | 2021-03-09 | 维沃移动通信有限公司 | Payment method, payment device, electronic equipment and medium |
JP2023053603A (en) * | 2021-10-01 | 2023-04-13 | 三井住友カード株式会社 | Settlement processing device, method, and program |
Family Cites Families (52)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6167517A (en) * | 1998-04-09 | 2000-12-26 | Oracle Corporation | Trusted biometric client authentication |
JP4511684B2 (en) * | 2000-05-16 | 2010-07-28 | 日本電気株式会社 | Biometrics identity verification service provision system |
US7565329B2 (en) * | 2000-05-31 | 2009-07-21 | Yt Acquisition Corporation | Biometric financial transaction system and method |
JP2001344544A (en) * | 2000-06-02 | 2001-12-14 | Koji Sugano | Portable terminal and electronic clearing system using the same |
JP2002032176A (en) | 2000-07-18 | 2002-01-31 | Dainippon Printing Co Ltd | Input device and its key arranging method |
JP2003006168A (en) * | 2001-06-25 | 2003-01-10 | Ntt Docomo Inc | Method for authenticating mobile terminal and mobile terminal |
US7360689B2 (en) * | 2001-07-10 | 2008-04-22 | American Express Travel Related Services Company, Inc. | Method and system for proffering multiple biometrics for use with a FOB |
JP2004110352A (en) | 2002-09-18 | 2004-04-08 | Hitachi Software Eng Co Ltd | Credit card settlement service system |
JP2004259152A (en) | 2003-02-27 | 2004-09-16 | Bank Of Tokyo-Mitsubishi Ltd | Settlement processing method, settlement processor, program and computer readable recording medium |
JP2005135093A (en) * | 2003-10-29 | 2005-05-26 | Fujitsu Ltd | Electronic payment support system and electronic payment support apparatus |
JP2005346606A (en) | 2004-06-07 | 2005-12-15 | Matsushita Electric Ind Co Ltd | Electronic settlement system using mobile telephone |
US7823766B1 (en) * | 2005-09-30 | 2010-11-02 | Advanced Micro Devices, Inc. | Financial transaction system |
KR100884376B1 (en) * | 2006-02-09 | 2009-02-17 | (주)솔메이즈 | Method and apparatus of OTP based on Challenge/Response |
JP2008217257A (en) | 2007-03-01 | 2008-09-18 | Valuegate Co Ltd | Processing apparatus for biometric authentication, biometric authentication method, program for causing apparatus to execute the method, and recording medium with the program recorded thereon |
US8935187B2 (en) | 2007-03-07 | 2015-01-13 | Playspan, Inc. | Distributed payment system and method |
JP2009086699A (en) | 2007-09-27 | 2009-04-23 | Kyocera Corp | Electronic equipment, and pin alternative keying method in electronic equipment |
US20090094123A1 (en) * | 2007-10-03 | 2009-04-09 | Patrick Killian | Payment services provider methods in connection with personalized payments system |
US8028896B2 (en) * | 2007-12-14 | 2011-10-04 | Bank Of America Corporation | Authentication methods for use in financial transactions and information banking |
KR100997820B1 (en) | 2008-02-28 | 2010-12-01 | 주식회사 한국사이버결제 | Method and apparatus for controlling payment system by using fingerprint recognition |
KR20090011127U (en) | 2008-04-26 | 2009-10-29 | 주식회사지한정보통신 | Multimodel biometric identification device |
US9026462B2 (en) * | 2008-09-30 | 2015-05-05 | Apple Inc. | Portable point of purchase user interfaces |
KR101088029B1 (en) | 2009-11-19 | 2011-11-29 | 최운호 | System for Authentication of Electronic Cash Using Smart Card and Communication Terminal |
US20110142234A1 (en) * | 2009-12-15 | 2011-06-16 | Michael Leonard Rogers | Multi-Factor Authentication Using a Mobile Phone |
FR2956941A1 (en) * | 2010-02-19 | 2011-09-02 | Ingenico Sa | BIOMETRIC AUTHENTICATION METHOD, AUTHENTICATION SYSTEM, PROGRAM AND CORRESPONDING TERMINAL. |
CN101872454A (en) * | 2010-06-18 | 2010-10-27 | 杨彬 | Sales terminal transaction processing method, equipment and mobile terminal transaction processing method |
US8666895B2 (en) * | 2011-01-31 | 2014-03-04 | Bank Of America Corporation | Single action mobile transaction device |
US10380605B2 (en) * | 2011-06-20 | 2019-08-13 | Ncr Corporation | System and method for associating discounts with payment options |
WO2014015346A1 (en) | 2012-07-20 | 2014-01-23 | Life Technologies Corporation | Systems and methods for identifying an individual |
US20130159196A1 (en) | 2011-12-20 | 2013-06-20 | Ebay, Inc. | Secure PIN Verification for Mobile Payment Systems |
CO6820276A1 (en) * | 2012-06-29 | 2013-12-31 | Identica S A | Parallel network of biometric authentication |
US20160155112A1 (en) | 2012-10-10 | 2016-06-02 | Mastercard International Incorporated | Barcode-triggered payment method and system |
WO2014141158A1 (en) * | 2013-03-14 | 2014-09-18 | Ologn Technologies Ag | Methods, apparatuses and systems for providing user authentication |
RU2589847C2 (en) | 2013-04-08 | 2016-07-10 | Михаил Анатольевич Камышев | Method of paying for goods and services using biometric parameters of customer and device therefore |
KR101607935B1 (en) * | 2013-06-03 | 2016-04-01 | 주식회사 티모넷 | System for paying mobile using finger scan and method therefor |
US9672518B2 (en) * | 2013-09-21 | 2017-06-06 | Whirl, Inc. | Systems, methods, and devices for improved transactions at a point of sale |
US10121144B2 (en) * | 2013-11-04 | 2018-11-06 | Apple Inc. | Using biometric authentication for NFC-based payments |
KR102216877B1 (en) | 2014-02-19 | 2021-02-18 | 삼성전자 주식회사 | Authentication method and apparatus based on biometric information in a electronic device |
US20170004296A1 (en) | 2014-03-28 | 2017-01-05 | Panasonic Intellectual Property Management Co., Ltd. | Biometric authentication method and biometric authentication system |
JP5985103B2 (en) * | 2014-04-08 | 2016-09-06 | 楽天株式会社 | Portable terminal, distribution server, control method, and program |
US9384486B2 (en) * | 2014-07-15 | 2016-07-05 | Verizon Patent And Licensing Inc. | Secure financial payment |
US9672511B2 (en) * | 2014-12-30 | 2017-06-06 | Visa International Service Association | Location dependent communications between mobile devices and transaction terminals to order mobile device payment accounts |
US20160321627A1 (en) | 2015-04-29 | 2016-11-03 | Ncr Corporation | Biometric authentication of pre-staged self-service terminal transactions |
KR101719065B1 (en) * | 2015-07-13 | 2017-03-22 | 이도훈 | An intermediate server system combining device and biometric authentication, and operating method therefor |
US9519901B1 (en) * | 2015-09-16 | 2016-12-13 | Square, Inc. | Biometric payment technology |
KR20160002623A (en) * | 2015-12-16 | 2016-01-08 | 김우진 | Method for managing payment between mobile terminal |
KR20160013221A (en) * | 2016-01-04 | 2016-02-03 | 크루셜텍 (주) | Method for issuing code, user terminal and payment relay server |
KR20170098105A (en) | 2016-02-19 | 2017-08-29 | 삼성전자주식회사 | Electronic apparatus having authentication module and method for authenticating user by controlling authentication module |
CN106022779A (en) * | 2016-05-17 | 2016-10-12 | 浪潮(北京)电子信息产业有限公司 | Payment method and system based on fingerprint identification |
KR101926709B1 (en) | 2017-04-26 | 2018-12-07 | 한국후지쯔 주식회사 | Control apparatus for biometric and method thereof |
KR101960799B1 (en) | 2017-05-31 | 2019-03-21 | 주식회사 아이리시스 | biometric recognition access control system having IoT and its control methods |
KR102215522B1 (en) | 2019-04-02 | 2021-02-16 | 한밭대학교 산학협력단 | System and method for authenticating user |
KR102156184B1 (en) | 2019-11-01 | 2020-09-15 | 이선관 | Electronic device for identity authentication using biometric information of user and method for operation thereof |
-
2016
- 2016-11-14 KR KR1020160151016A patent/KR101758575B1/en active IP Right Grant
-
2017
- 2017-11-14 JP JP2019547055A patent/JP7424833B2/en active Active
- 2017-11-14 US US16/349,503 patent/US11238454B2/en active Active
- 2017-11-14 RU RU2019117368A patent/RU2019117368A/en unknown
- 2017-11-14 CN CN201780079399.9A patent/CN110088792A/en active Pending
- 2017-11-14 UA UAA201906255A patent/UA125037C2/en unknown
- 2017-11-14 EP EP17869100.2A patent/EP3540672A4/en not_active Ceased
- 2017-11-14 EP EP23186455.4A patent/EP4242948A3/en active Pending
- 2017-11-14 WO PCT/KR2017/012829 patent/WO2018088867A1/en active Application Filing
-
2021
- 2021-12-16 US US17/644,676 patent/US11810114B2/en active Active
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20220417748A1 (en) * | 2017-10-13 | 2022-12-29 | Visa International Service Association | Mitigating risk for hands-free interactions |
US20220150242A1 (en) * | 2020-11-09 | 2022-05-12 | Ghost Pass Inc. | Identity authentication system |
CN113379405A (en) * | 2021-06-15 | 2021-09-10 | 一汽资本控股有限公司 | Vehicle-mounted terminal payment method and vehicle-mounted terminal payment system |
Also Published As
Publication number | Publication date |
---|---|
EP3540672A1 (en) | 2019-09-18 |
CN110088792A (en) | 2019-08-02 |
JP7424833B2 (en) | 2024-01-30 |
WO2018088867A1 (en) | 2018-05-17 |
EP3540672A4 (en) | 2020-06-24 |
US11810114B2 (en) | 2023-11-07 |
US11238454B2 (en) | 2022-02-01 |
RU2019117368A (en) | 2020-12-14 |
KR101758575B1 (en) | 2017-07-26 |
US20220108324A1 (en) | 2022-04-07 |
EP4242948A3 (en) | 2023-10-11 |
JP2020500386A (en) | 2020-01-09 |
EP4242948A2 (en) | 2023-09-13 |
RU2019117368A3 (en) | 2021-03-18 |
UA125037C2 (en) | 2021-12-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11810114B2 (en) | Financial payment method and payment system using mobile device | |
US11956243B2 (en) | Unified identity verification | |
US11379818B2 (en) | Systems and methods for payment management for supporting mobile payments | |
US11631076B1 (en) | Systems and methods for mobile wallet provisioning | |
US10937069B2 (en) | Public ledger authentication system | |
CN107851254B (en) | Seamless transactions with minimized user input | |
US20010051924A1 (en) | On-line based financial services method and system utilizing biometrically secured transactions for issuing credit | |
US11888995B1 (en) | Systems and methods for value transfers using signcryption | |
CN112823368B (en) | Tokenized contactless transactions through cloud biometric identification and authentication | |
US20210241266A1 (en) | Enhancing 3d secure user authentication for online transactions | |
US12051055B2 (en) | Financial payment method and payment system using mobile device | |
US20160117682A1 (en) | Secure seamless payments | |
US11093911B2 (en) | Systems, methods, and computer program products providing an identity-storing browser | |
WO2016051353A1 (en) | System and ergonomically advantageous method for performing online secure transactions on trusted personal device | |
US20240338701A1 (en) | Financial payment method and payment system using mobile device | |
US20240380756A1 (en) | Unified identity verification | |
JP2023125217A (en) | Program, information processing device, and information processing method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FEPP | Fee payment procedure |
Free format text: ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY |
|
FEPP | Fee payment procedure |
Free format text: ENTITY STATUS SET TO SMALL (ORIGINAL EVENT CODE: SMAL); ENTITY STATUS OF PATENT OWNER: SMALL ENTITY |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE AFTER FINAL ACTION FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: ADVISORY ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: AWAITING TC RESP, ISSUE FEE PAYMENT VERIFIED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
AS | Assignment |
Owner name: GHOST PASS INC., KOREA, REPUBLIC OF Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:LEE, SEON GWAN;REEL/FRAME:063672/0729 Effective date: 20230516 |